L-550 - 1 - Enterprise Linux Security Administration

Duration: 5 Days

Course Information

Course Description

This highly technical 5-day course focuses on properly securing machines running the Linux operating system. A broad range of general security techniques such as packet filtering, password policies, and file integrity checking are covered. Advanced security technologies such as Kerberos and SELinux are taught. Special attention is given to securing commonly deployed network services. At the end of the course, students have an excellent understanding of the potential security vulnerabilities and know how to audit existing machines and how to securely deploy new network services.

This course is currently offered on the latest releases of Red Hat Enterprise Linux.

Course Objectives

At the end of this course, the student will be able to:

  • Configure Kerberos authentication of services and users, including Host Principals and Service Principals.
  • Configure Linux Pluggable Authentication Modules (PAM).
  • Create secured file systems with encryption.
  • Set up intrusion detection mechanisms such as TripWire.
  • Secure services such as the Apache web server, PostgreSQL databases, and e-mail (SMTP).
  • Understand the goals and uses of Security Enhanced Linux (SELinux).

Course Audience

This course is designed for system administrators and network administrators concerned with enterprise-wide network security and authentication.

Course Outline

Security Foundations
  • Security Principles
  • Post-installation Hardening
  • Service Discovery, Minimization
  • Scanning and Mapping Vulnerabilities
  • Probing with DNS, SNMP, RPC, and NFS
  • Nessus Insecurity Scanner
  • Password Security and PAM
Secure Authentication with Kerberos
  • Secure Time Synchronization with NTP
  • ACLs for Secure NTP
  • Kerberos History, Implementations, and Concepts
  • Kerberos Principals, Safeguards, and Components
  • Authentication Process and Identification Types
  • KDC Server Daemons
  • Plan Topology and Implementation
  • Create KDC Databases and Administrators
  • Add Host Principals and Common Service Principals
  • Configure Slave KDC
  • Client PAM Configuration
  • Managing Keytabs
  • Principals and Managing Principals
  • MIT vs. Heimdal Principal Policy
  • Using Kerberized Services
  • Enabling Kerberized Services
  • OpenSSH and Kerberos
Securing the Filesystem
  • Filesystem Mount Options
  • NFS Properties and NFS Export Option
  • NFSv4 and GSSAPI Auth
  • Implementing NFSv4
  • File Encryption with GPG and OpenSSL
  • Encrypted Loopback FS
  • Using RPM as an IDS
  • TripWire History and Concepts
  • TripWire Installation, Policies, and Configuration
  • TripWire Commands and General Operation
Securing Common Services
  • Secure CGI with Apache
  • Turning off Unneeded Modules
  • Configuration Delegation and Scope
  • ACL by IP Address
  • HTTP User Authentication
  • Standard Auth Modules
  • HTTP Digest Authentication
  • Authentication via SQL, LDAP, and Kerberos
  • Scrubbing HTTP Headers
  • Metering HTTP Bandwidth
  • PostgreSQL Overview and Default Configuration
  • SSL for PostgreSQL
  • Authentication Methods and Advanced Authentication
  • Ident-based Authentication
  • PostgreSQL Kerberos Authentication
  • Integrating Apache, PHP, and PostgreSQL Securely
  • SMTP Overview and Implementations
  • Selecting an MTA
  • Security Considerations
  • Postfix Overview
  • Chrooting Postfix
  • Connections and Relays
  • SMTP AUTH & StartTLS/SSL
  • Secure Cyrus IMAP Config
  • Using GSSAPI/Kerberos Authentication
SELinux
  • DAC vs. MAC Security
  • Shortcomings of Traditional UNIX Security
  • SELinux Goals, Terms, and Architecture
  • Activating and Interfacing with SELinux
  • SELinux Commands and Roles
  • Understanding and Modifying Policy Source
  • File Context Files (*.fc)
  • Type Enforcement Files (*.te)
  • Using Booleans
  • Policy Analysis
  • Policy Customization

Course Prerequisites

This class covers advanced security topics and is intended for experienced systems administrators. Candidates should have current Linux or UNIX systems administration experience.

Before attending this course, students must have:

  • Completed L-100, Introduction to the Linux Operating System, or have equivalent knowledge.
  • Completed L-250, Enterprise Linux Systems Administration, or have equivalent knowledge.

Course Schedule

This course is not scheduled yet.